Privilege Escalation and Information Disclosure via Prepopulated Fact Cache in puppetlabs-stdlib Module
CVE-2015-1029 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sensitive information by prepopulating the fact cache.
Learn more about our User Device Pen Test.